The Hacker News

UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors

BRICKSTORM was first documented by the tech giant last year in connection with the zero-day exploitation of Ivanti Connect ...
National Hockey League

Dryden remembered for off-ice exploits as much as 6 Cup wins with Canadiens

MONTREAL --The loss of goaltending legend Ken Dryden will be felt a great distance beyond hockey. Not only was Dryden arguably the game’s sharpest, most scholarly observer, a keen student of the sport ...
TechRadar

New malware exploits trusted Windows drivers to get around security systems - here's how to stay safe

Chinese threat group abused a vulnerable WatchDog Antimalware driver to disable antivirus and EDR tools Attackers also leveraged a Zemana Anti-Malware driver (ZAM.exe) for broader compatibility across ...
TechCrunch

WhatsApp fixes ‘zero-click’ bug used to hack Apple users with spyware

WhatsApp said on Friday that it fixed a security bug in its iOS and Mac apps that was being used to stealthily hack into the Apple devices of “specific targeted users.” The Meta-owned messaging app ...
CoinTelegraph

RWA protocol exploits reach $14.6M in H1 2025, surpassing 2024

Cryptocurrency hackers are targeting real-world asset (RWA) tokenization protocols, posing a security threat to the increasing institutional demand for this emerging blockchain sector. Real-world ...
Computer Weekly

Commvault users told to patch two RCE exploit chains

Data backup and replication specialist Commvault has issued patches covering off four vulnerabilities in its core software product that, left unaddressed, could be combined to achieve two distinct ...
TechCrunch

New zero-day startup offers $20 million for tools that can hack any smartphone

A new United Arab Emirates-based startup is offering up to $20 million for hacking tools that could help governments break into any smartphone with a text message. Apart from the highest bounty of $20 ...
Game Rant

Best New Minecraft Mods In 2025

An HR advisor with a background in recruitment and HRIS functions, with a passion for video games and writing. Oliver grew up playing Call of Duty with his siblings and has garnered 1000s of hours ...
Tidbits

Apple Updates Block Zero-Day Malicious Image Exploit

Apple has released a set of emergency security updates, including iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS 15.6.1 Sequoia, macOS 14.7.8 Sonoma, and macOS 13.7.8 Ventura. The updates address ...
Infosecurity-magazine.com

Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...
Bleeping Computer

Researcher to release exploit for full auth bypass on FortiWeb

A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. The flaw was ...
Ars Technica

High-severity WinRAR 0-day exploited for weeks by 2 groups

A high-severity zero-day in the widely used WinRAR file compressor is under active exploitation by two Russian cybercrime groups. The attacks backdoor computers that open malicious archives attached ...